Openvpn client unable to ping remote internal network

noor · Jul 4, 2016, 8:17 AM

Dear All,

I have configured OpenVpn in pfsense 2.1.5 with Ldap authentication and client connected successfully but i am unable to ping and access remote internal servers and host.

Global IP of VPN Server = 185.190.–---- ( this is example only for understanding )
Remote Internal Network = 172.16.0.0/24
Home DSL Internet network 192.168.1.0/24

I am connected from Home DSL to Pfsense OpenVpn and got IP= 192.168.168.3/24 but i am unable to ping 10.0.0.0/24 network servers and all hosts.

what is going wrong why i am still unable to communicate as i have allowed in firewall to any any and also disabled firewall in remote internal hosts.

viragomann · Jun 1, 2016, 10:15 AM

Do you have a firewall rule at pfSense on OpenVPN interface which allow access?
Can you ping the pfSense internal IP?

trekkiebr · Jun 3, 2016, 11:57 AM

Could you check if your client has a route to the subnet (server side) ?
You can use the command route print on Windows (just guessing your SO).
If it hasn't, just check you OpenVPN Configuration (Ipv4 local networks - 10.0.0.0/24)
If it's correct probably you have to add some rules to the VPN interface on your firewall.

trekkiebr · Jun 3, 2016, 12:54 PM

I've just reading some docs and notice that if you are using Windows and a non admin user, maybe it wont work:

f such a user needs to establish an OpenVPN connection (OpenVPN and OpenVPN-GUI are already installed) the connection will be established but the necessary routes are not set.

https://community.openvpn.net/openvpn/wiki/Nonprivileged

noor · Jun 18, 2016, 6:25 AM

Dear All,

yes i have enabled firewall allow rule on open vpn instance and wan instance but i am unable to communicate with internal host and servers.

and i am connecting through admin user on local windows 7 operating system.

please advise what is the issue.

Regards,

viragomann · Jun 19, 2016, 7:05 PM

So check the routing table on your Windows client as suggested above by trekkiebr.

noor · Jun 21, 2016, 4:19 AM

yes after connected through VPN i can ping to pfsense firewall but cannot ping to internal network. routes are ok but missing default gateway.

it can be due to default gateway missing am i right..? if yes then what is the solution

Regards,

viragomann · Jun 21, 2016, 10:30 AM

No way to help if we can't see the routing table. Sorry.

noor · Jun 22, 2016, 6:58 AM

ok i am configuring again whole setup and will share routing table here soon.

noor · Jul 4, 2016, 8:11 AM

Dear All,

I have troubleshoot the issue with my self and SSL VPN working very perfect now i can access remote internet and internal network through internet with high speed it is working with same speed as i getting in local LAN i did not feel any difference. this is great thing in pfsense i salute to their Developers.

Regards,
Noor.